<?php
include_once('../lib/config.php');
require ($war_root.'/lib/verify.php');
require ($war_root.'/lib/has_char.php');
require ($war_root.'/lib/is_approved.php');
require ($war_root.'/lib/is_admin.php');


$_category = "Admin";
$_title = "";
$admin_active = 1;
$log_char = $character["character_name"];
$debug=0;
$debug_active="yes";

require ($war_root.'/lib/head.php');

$page = @$_GET ['p'];
$system_id = @$system ["system_id"];

# Page for boss selection
if ($page == 'instance') {
	boxTop ( "$_category: " );
	$raid_instance = $_POST ["instance_id"];

	# Add loot
	if (isset($_POST['add'])) {
		echo '<form action="'.$war_http.'/admin/bossloot.php?p=add" method="post"><p>';

		$sql = "select boss_id, boss_name from wm_bosses where boss_instance = " . $raid_instance;
		$result = $db->query ( $sql );
		echo '<select name="boss">';
		while ( $boss = $db->fetch_assoc ( $result ) ) {
			echo '<option selected value="'.$boss["boss_id"].'">'.$boss["boss_name"].'</option>';
		}
		echo '</select></p><br/>';
		echo 'Use item IDs. One per line.<br/>';
		echo '<textarea name="items" rows="10" cols="7"></textarea><br/>';
		echo '<input type="submit" value="Sumbit">';
		echo '</p></form>';

	}

	# Remove loot
	else {

		echo '<form action="'.$war_http.'/admin/bossloot.php?p=rem" method="post"><p>';

		$sql = "select boss_id, boss_name from wm_bosses where boss_instance = " . $raid_instance;
		$result = $db->query ( $sql );
		echo '<select name="boss">';
		while ( $boss = $db->fetch_assoc ( $result ) ) {
			echo '<option selected value="'.$boss["boss_id"].'">'.$boss["boss_name"].'</option>';
		}
		echo '</select></p><br/>';
		echo '<input type="submit" value="Go to loot">';
		echo '</p></form>';
	}
	boxBot ();
}

# Page that inserts items into the database and show result.
elseif ($page == 'add') {
	boxTop ( "$_category: " );

	$boss = @$_POST['boss'];
	$items = @$_POST['items'];
	$i = explode("\n", $items);
	foreach ($i as $item) {
		$item =  trim(strip_tags($item));
		if(is_numeric($item)) {

			$sql = 'INSERT INTO wm_items (item_boss, item_id) VALUES ('.$boss.', '.$item.')';
			$res = $db->query($sql);
			if ($res != 1) {
				sql_debug($db->error());
				die('Problems adding item: "'.$item.'" to boss: "'.$boss.'", please contact an administrator.<br>');
			} else {
				$wish['item_id'] = $item;
				echo show_pure($wish).' - Successfully added to boss number: '.$boss.'.<br/>';
			}
		}
		else die("Non-numeric string found in the items, please try again.<br>\n If the problem persists, please contact an administrator.");
	}
	echo '<br/><a href='.$war_http.'/admin/bossloot.php>Add more loot</a>';
	boxBot ();


}

# List loot to remove
elseif ($page == 'rem') {
	boxTop ( "$_category: " );

	$boss = @$_POST['boss'];
	echo '<form action="'.$war_http.'/admin/bossloot.php?p=rem2" method="post"><p>';
	echo '<input type="hidden" name="boss" value="'.$boss.'">';
	$sql = "select item_id from wm_items where item_boss = '$boss' order by item_id asc";
	$result = $db->query ($sql);
	while ( $item = $db->fetch_assoc ($result)) {
		echo show_pure($item).'<br>';
		echo '<input type="radio" name="item-'.$item["item_id"].'" value="'.$item["item_id"].'">'.$item["item_id"]."<br><br>\n";
	}
	echo '<input type="submit" value="Remove items">';
	echo '</p></form>';
	boxBot();

}

# Remove items from boss in question from the database
elseif ($page == 'rem2') {
	boxTop ( "$_category: " );

	$boss = @$_POST['boss'];
	echo $boss;
	foreach(array_keys(@$_POST) as $key) {
		$tmp = substr($key, 0, 5);
		if ($tmp == 'item-') {
			$item = substr($key, 5);
			$sql = "DELETE FROM wm_items WHERE item_boss = ".$boss." AND item_id = ".$item;
			$res = $db->query($sql);
			if ($res != 1) {
				die('Problems removing item: "'.$item.'" from boss: "'.$boss.'", please contact an administrator.');
			} else {
				$wish['item_id'] = $item;
				echo show_pure($wish).' - Successfully removed from boss number: '.$boss.'.<br/>';
			}
		}
	}
	boxBot();

}


# Start page, where you select instance. Passes you along to admin-bossloot.php?p=instance
else {
	boxTop ( "$_category: " );
	echo '<b>Select instance</b><br /><br />';
	echo '<form action="'.$war_http.'/admin/bossloot.php?p=instance" method="post"><p>';

	$sql = "select instance_id, instance_name from wm_instances where instance_tier = ".$system ["system_tier"];
	$result = $db->query ($sql);
	echo '<select name="instance_id">';
	while ( $inst = $db->fetch_assoc ($result)) {
		echo '<option selected value="'.$inst["instance_id"].'">'.$inst["instance_name"].'</option>';
	}
	echo '</select></p><br/>';
	echo '<input type="submit" name="add" value="Add loot"><input type="submit" name="rem" value="Remove loot">';
	echo '</p></form>';

	boxBot ();
}

require ($war_root.'/lib/foot.php');
?>
